SANS ISC: Sourceforge attack - SANS Internet Storm Center

• SANS Site Network
  • Current Site
  • Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

 Like most of you have been aware of attacks on Sourceforge. Not sure what the motives behind these are, but a number of devices have been compromised and for those of you who host projects there you will have seen that some services are not available.  A number of you have also received a password reset email. 

"We recently experienced a directed attack on SourceForge infrastructure
(http://sourceforge.net/blog/sourceforge-net-attack/) and so we are
resetting all passwords in the sf.net database -- just in case.  We're
e-mailing all sf.net registered account holders to let you know about this
change to your account."

The email directs you to the "forgot password" page to reset your passwords.  As with all email containing links mak sure you check it or follow the advice, but go to the sourceforge pages directly rather than clicking a link in an email. 

The netblog states that code hosted is not affected. 

Hopefully they will find out who is behind it and they will let all of us know. 

Mark 

Their full report about the attack is available at
http://www.sourceforge.net/blog/sourceforge-attack-full-report/